RE: Custom Reporting

Good question! I'd also like to hear what kinds of specialized report
generation tricks are out there for pen-test reporting that go beyond
tool-implemented methods.

I know that one of my senior engineers is currently doing some neat things
along these lines. I'll ping him and see if he's got some time to discuss :)
I purposefully avoid plugging my company on-list to minimize any conflict of
interest.

--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball"


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of killy
Sent: Sunday, April 29, 2007 7:42 PM
To: Pen-Tests
Subject: Custom Reporting

Hi everyone,

Anyone doing anything interesting with automated custom
reporting based on nessus , nmap or some other scanning tool?
Anyone creating custom reports from nessus or nmap scans?

Anyone doing anyting with nessus xml reports?

I think this could be an interesting topic.

-p1g

--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

--------------------------------------------------------------
----------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic See HOW Now with
our 20/20 program!

http://www.cenzic.com/c/2020
--------------------------------------------------------------
----------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Relevant Pages

  • Re: OT: vulnerability scanner
    ... >>I am looking to a vulnerability scanner for UNIX. ... >>that either we need to switch to something else or give TARA a major ... central reporting be one of them. ... > comprehensive web based reports from nessus for the systems on your ...
    (Fedora)
  • RE: verify HTTPS vulnerabilities
    ... I would first check out the NASL script in Nessus to see the exact ... connections to the cypher Nessus is reporting. ... allowed and you get a basic auth prompt, ... However the target host requires basic authentication, ...
    (Pen-Test)
  • Re: Reporting Tool
    ... application when a user required custom reporting is provide an Access ... >My users, use ms access for querying and reporting on a backend database, ... >however they need to replace ms access with a new reporting tool. ...
    (microsoft.public.dotnet.languages.csharp)